Vulnerabilities > Netapp > Oncommand Workflow Automation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-13 | CVE-2016-8610 | Resource Exhaustion vulnerability in multiple products A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. | 7.5 |
| 2017-10-19 | CVE-2017-10388 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 7.5 |
| 2017-10-19 | CVE-2017-10309 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 7.1 |
| 2017-10-04 | CVE-2017-12617 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. | 8.1 |
| 2017-02-07 | CVE-2016-1894 | Improper Access Control vulnerability in Netapp Oncommand Workflow Automation 2.2.1/3.0/3.1 NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors. | 8.1 |